Hello, thanks for your response.
I'm using samba_internal as DNS because I don't want to add bind to only
relay the internal DNS.
The hosts file is clean on srv2 DC (default localhost), and this is the
srv1 hosts:
192.168.0.251 srv1.domain.com srv1
resolv.conf srv1:
domain domain
search domain.com
nameserver 192.168.0.251
nameserver 8.8.8.8
resolv.conf srv2:
nameserver 192.168.0.254
nameserver 8.8.8.8
smb.conf srv1 (just the one created by samba-tool, with dns forwarder):
[global]
netbios name = SRV1
realm = DOMAIN.COM
workgroup = DOMAIN
server role = active directory domain controller
dns forwarder = 8.8.8.8
[netlogon]
path = /server/samba/data/var/locks/sysvol/domain.com/scripts
read only = No
[sysvol]
path = /server/samba/data/var/locks/sysvol
read only = No
smb.conf srv1 (same as above plus idmap_ldb:use rfc2307 = yes and bound
interfaces):
# Global parameters
[global]
netbios name = SRV2
realm = DOMAIN.COM
workgroup = DOMAIN
server role = active directory domain controller
idmap_ldb:use rfc2307 = yes
dns forwarder = 8.8.8.8
# Only users interfaces
bind interfaces only = yes
interfaces = eth0 eth0:0
[netlogon]
path = /server/samba/data/var/locks/sysvol/domain.com/scripts
read only = No
[sysvol]
path = /server/samba/data/var/locks/sysvol
read only = No
Greetings!!
2017-09-27 16:39 GMT+02:00 L.P.H. van Belle via samba <samba at
lists.samba.org>:
> This is how you should do it.
>
> Can you post your /etc/hosts and resolv.conf
> Samba uses? Bind9_DLZ or Internal DNS ?
> And smb.conf of both servers.
>
> If you use bind, also post the bind config.
>
>
> Anonymize where needed.
>
>
> Greetz,
>
> Louis
>
>
>
> > -----Original message-----
> > From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> > Daniel Carrasco via samba
> > Sent: Wednesday, 27 September 2017 15:34
> > To: samba at lists.samba.org
> > Subject: [Samba] Multiple DC haven't HA on Windows
> >
> > Hello,
> >
> > I'm trying to replace a Windows Server 2003 DC that has
> > problems, with a Samba 4 domain with HA.
> > The linux client server seems to work fine even when main
> > DC/DNS server fails, but as always, Windows clients not...
> > They are able to log in (maybe using cached credentials), but
> > the GPO are not being applied...
> >
> > I've checked the sysvol folder and both are synchronized
> > and accessible from the client computers. Also the DNS entries
> > of the domain point to both servers, and both servers are in
> > Windows DNS configuration.
> > The secondary DNS server seems to answer DNS requests
> > because internet is working and it's able to resolve domain
> > entries.
> > The FSMO also points to secondary server that was the main
> > server until I used the other as main DNS.
> >
> > How I can make HA for Windows Clients?
> >
> > Thanks and greetings!
> >
> >
> > --
> > _________________________________________
> >
> > Daniel Carrasco Marín
> > Ingeniería para la Innovación i2TIC, S.L.
> > Tlf: +34 911 12 32 84 Ext: 223
> > www.i2tic.com
> > _________________________________________
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
>
>
--
_________________________________________
Daniel Carrasco Marín
Ingeniería para la Innovación i2TIC, S.L.
Tlf: +34 911 12 32 84 Ext: 223
www.i2tic.com
_________________________________________